REMARKS 

Applicants have carefully studied the outstanding Office Action. The present submission 
is intended to be fully responsive to the rejection raised by the Office Action and is believed to 
place the application in condition for allowance. Further, Applicants do not acquiesce to any of 
the Office Action rejections not particularly addressed. Favorable reconsideration and allowance 
of the application is respectfully requested. 



Claim Rejections under 35 U.S.C. §102 

Claims 1-20 stand rejected under 35 U.S.C. §102(e) as being anticipated by Minear et al 
(U.S. Patent No. 6,101,189). Claims 1, 10, and 20 have been amended. Applicants respectfully 
submit that Minear does not disclose, teach, or even suggest the presently claimed application. 

As an initial matter, it is important to keep in mind that all of the pending claims recite a 
Security Association ("SA") between an internal network device and an external network device 
that are connected via a router/gateway. For example. Claim 1 of the present application recites 
"providing a first network device [internal network device] and a second network device 
[router/gateway] on a first network" and "establishing a security association [SA] between the 
first network device [internal network device] and a third network device [external network 
device] on a second network external to the first network." As known in the art, the SA ensures 
that packets are secure between the entire end-to-end path of the communication between the 
internal and external network devices (i.e., the network devices for which the SA was 
established). Securing only a portion of the communication path, such as between only the 
internal network device and the router/gateway, between only the external network device and 
the router/gateway, or between only a pair of routers/gateways, does not constitute an SA 
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between the internal and external network devices. Consequently, as explained more fully 
below, Minear does not anticipate or render obvious the present claims. 

Minear discloses a system for regulating the flow of messages through a firewall 
including establishing a secure communication tunnel between two firewalls for firewall-to- 
firewall encryption. See Minear, Abstract and col. 3 lines 50-51. Minear does not disclose a 
secure communication channel, however, between an internal network device and an external 
network device that are connected via a router/gateway. 

Contrary to the Examiner's assertion, Minear does not "establish[] a security association 
between the first network device and a third network device on a second network external to the 
first network." See Office Action, p. 3. The Examiner identifies workstation HI in Minear as a 
"first network device," firewall 14 (SWl) as a "second device," and workstation H3 in Minear as 
a "third network device." However, Figure 3 of Minear clearly illustrates that there is no 
security association present between the two workstations HI and H3. Packets are encrypted 
only between firewalls 14 (SWl) and 18 (SW2), and are decrypted before they reach HI and H3. 
Therefore, at best a security association merely exists between the second device and an 
additional device, firewall 18 (SW2). Thus, there is no end to end security association between 
the first workstation and the third workstation, as recited in the present claims, and Minear does 
not anticipate independent claims 1,10, and 20. 

Claims 2-9 and 1 1-19 are dependent on claims 1 and 10, and are therefore allowable for 
at least the reasons described with reference to claims 1 and 10. 



Conclusion 

Applicants respectfully submit that, in view of the remarks above, the present application. 
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including claims 1-20, is in condition for allowance, and Applicants solicit action to that end. 

If there are any additional matters which may be resolved through a telephone interview, 
the Examiner is respectfully requested to contact Applicants' undersigned representative. 



McDonnell boehnen hulbert & berghoff llp 

300 South Wacker Drive 
Chicago, Illinois 60606 
Telephone No. 312-913-0001 
Facsimile No. 312-913-0002 
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Respectfiilly submitted, 

McDonnell Boehnen Hulbert & Berghoff LLP 



Date: March 4. 2005 
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